Thanks for your reply.
The version is 12.1.2015.2015. The OS is Windows 7 SP1 Enterprise 64-bit. Installed components are Firewall, ITPMain, NTPMain, PTPMain, TruScan, SAVMain.
I contacted the Symantec support about the problem, they are still investigating.
The problem can 99% sure be attributed to UMEngx86.dll hooking into kernel functions. Try out the minimum repro code I provided: If the EXE is run with SEP installed and UMEngx86.dll present, UMengx86.dll is loaded during initialization and the crash in ntdll.dll occurs before the main method is reached. If the UMengx86.dll is simply renamed, the EXE does not load it at startup and everything works fine.
I contacted a Windows kernel developer and security specialist at Microsoft about the issue who confirmed to me that the stack trace strongly suggests outside interference with the kernel.
I believe it is in Symantec's very own interest to fix this problem quickly - not only because SEP appearently breaks the functionality of pretty much any software compiled with the VS2013 platform toolset which calls into C++/CLI code (a problem which will augment as Visual Studio 2013 is increasingly being used by software developers), but also because there is the possibility that this bug can be exploited for privilege escalation. This means that a tailored binary may be crafted by attackers to provoke the crash in order to inject malicious code into the system and start its execution with administrative rights. I have not looked into this problem enough to tell if this is possible or not, but it should be considered.
It should be noted that this error is not caused by a false positive in the virus definitions. SEP is not intentionally stopping the software from working because it is considered malware, but instead, SEP modifies internal kernel functions in a way which may lead to a crash in the Windows kernel when certain legitimate software is run (which is not classified as malware by SEP). This is clearly a bug and needs to be fixed.
I'd also like to note that I spent about two weeks finding out the root cause for the problem that production software which used to work perfectly at our company suddenly stopped working. (First, I suspected Windows kernel or Visual Studio updates, but they proved to be innocent.) I strongly urge the Symantec software engineers to double-check their code when messing around with Windows kernel internals. Tracking the problem down to SEP has already created massive costs for us. Hopefully, Symantec is able to fix this error soon.